Right now I have all my pages under a switch case for when a visitor uses whatever.php?p=pagename
Here is how it is currently
switch($page)
{
case 'about':
include('pages/about.php');
break;
case 'contact':
include('pages/contact.php');
break;
case 'edb':
include('pages/edb.php');
break;
case 'eluna':
include('pages/eluna.php');
break;
case 'mercsys':
include('pages/mercsys.php');
break;
case 'pastebin':
include('pages/pastebin.php');
break;
case 'projects':
include('pages/projects.php');
break;
case 'sites':
include('pages/sites.php');
break;
case 'soon':
include('pages/soon.php');
break;
case 'sqlgen':
include('pages/sqlgen.php');
break;
case 'wcms':
include('pages/wcms.php');
break;
case 'add':
include('pages/add.php');
break;
case 'edit':
include('pages/edit.php');
break;
case 'delete':
include('pages/delete.php');
break;
case 'moveAnnouncement':
include('pages/moveAnnouncement.php');
break;
default:
include('pages/404.php');
}
My question is, How can I shorten this down to a foreach loop and use the page names for each .php in the pages/ directory without having to add each individual one or any future pages?
upd: like #svrnm adviced, you can do some security checks if you not did it before:
$filename = realpath('pages/' . $page . '.php');
if($filename && file_exists($filename)) {
include($filename);
}
or/and you can build files whitelist first:
$whitelisted = glob("*.php");
if(in_array($page . '.php', $whitelisted) && file_exists($filename)) {
include($filename);
}
Related
is there a way to go from switch case to execute what is in default?
switch ($_REQUEST['action']) {
case 'edit':
if (isset($_REQUEST['id']) {
doSomething();
else {
goToDefault();
}
break;
case 'list':
...
break;
default:
doDefaultStuff();
break;
}
In the example, I want in the first case's else to go execute what is in default of switch.
Is that possible, or should I use different approach?
You can do that with goto, but I wouldn't recommend that.
$action = 'edit';
$id = null;
switch ($action) {
case 'edit':
if ($id) {
doSomething();
} else {
goto default_action;
}
break;
case 'list':
break;
default:
default_action: echo "doing default stuff";
break;
}
Demo: https://3v4l.org/X71e8
You can use switch(true) instead:
switch (true) {
case $_REQUEST['action'] === 'edit' && isset($_REQUEST['id']):
doSomething();
break;
case $_REQUEST['action'] === 'list':
// ...
break;
default:
doDefaultStuff();
break;
}
Okay, I have one PHP file which needs to contain several switch($_GET['']) statements. For example: switch($_GET['id']), switch($_GET['open']), switch($_GET['number'])... Do I have to close it like:
switch($_GET['id'])
{
}
Or:
switch($_GET['open'])
{
};
One below another with or without semicolon?
This is my index.php:
It does not fully work. My php file is like this (Index.php):
<?php
// THE MAIN SITE
switch($_GET['open'])
{
default: include("Home-Page.php");
case 'Site': include("LetsStart/Pages/Home.php"); break;
case 'Links: switch ($_GET['topics'])
{
default: include("LetsStart/Pages/Links.php"); break;
case 'Tourism': include("LetsStart/Pages/Tourism.php"); break;
case 'Finance': include("LetsStart/Pages/Finance.php"); break;
case 'Health Care': include("LetsStart/Pages/HealthCare.php"); break;
}
break;
case 'About Us': switch ($_GET['details'])
{
default: include("LetsStart/Pages/AboutUs.php"); break;
case 'What We Do': include("LetsStart/Pages/WWD.php"); break;
case 'Our History': include("LetsStart/Pages/OurHistory.php"); break;
}
break;
}
// ENCYCLOPEDIA
switch($_GET['letter'])
{
case 'B': switch($_GET['term'])
{
default: include("LetsStart/Pages/TheEncyclopedia/Letter-B-Main.php"); break;
case 'Term 1': include("LetsStart/Pages/TheEncyclopedia/B/1.php"); break;
case 'Term 2': include("LetsStart/Pages/TheEncyclopedia/B/2.php"); break;
case 'Term 2': include("LetsStart/Pages/TheEncyclopedia/B/3.php"); break;
}
break;
}
?>
It keeps loading my home page and the first page from the second switch.
You do not need a semicolon after the closing bracket of a switch statement (same as an if statement).
You don't need semicolon, because the $_GET['id'] is a variable, not a string. Read this http://www.w3schools.com/php/php_switch.asp
I'm trying to make a language cookie, but for some reason the cookie isn't saving.
here's the code I'm using
if ( !empty($_GET['language']) ) {
setcookie('language-eclear', $_GET['language']);
}
if ( empty($_COOKIE['language-eclear']) ) {
$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
switch ($lang){
case "fr":
include("langFiles/lang-indexFR.php");
break;
case "de":
include("langFiles/lang-indexDE.php");
break;
case "en":
include("langFiles/lang-indexEN.php");
break;
case "nl":
include("langFiles/lang-indexNL.php");
break;
default:
include("langFiles/lang-indexEN.php");
break;
}
}else{
$lang = $_COOKIE['language-eclear'];
switch ($lang){
case "fr":
include("langFiles/lang-indexFR.php");
break;
case "de":
include("langFiles/lang-indexDE.php");
break;
case "en":
include("langFiles/lang-indexEN.php");
break;
case "nl":
include("langFiles/lang-indexNL.php");
break;
default:
include("langFiles/lang-indexEN.php");
break;
}
}
?>
the if loop for setting the cookie works I tested it by echo'ing $_GET['language'];.
However it seems that the cookie isn't saving. What am I missing?
PS: I'm using a wordpress website
I am working on a php base online forum Sincerely speaking i bought the script from codecanyon am still a newbie in php the index page contain $_GET nd switch case which will help in navigating to the other pages but its working keep showing page not find. I have tried all i can pls i need your help thanx.....
`<?php
include("includes/db_config.php");
include("includes/google_config.php");
include("includes/functions.php");
include("includes/loaders.php");
//get web settings
$web = mysql_fetch_array(mysql_query("SELECT * FROM settings ORDER BY id
DESC LIMIT 1"));
//update user online time
if($_SESSION['usern']) {
$user_id = userinfo($_SESSION['usern'],"id");
$online_time = time();
$update = mysql_query("UPDATE users SET online_time='$online_time' WHERE
id='$user_id'");
}
//update forum visits
update_visits();
load_header();
$page = protect($_GET['page']);
}
switch($page) {
case "set_password": include("pages/set_password.php"); break;
case "chat_content": include("pages/chat_content.php"); break;
case "chat": include("pages/chat.php"); break;
case "tag": include("pages/tag.php"); break;
case "forum_sign_in": include("pages/sign_in.php"); break;
case "forum_sign_up": include("pages/sign_up.php"); break;
case "forum_lostpassword": include("pages/lostpassword.php"); break;
case "forum_profile": include("pages/profile.php"); break;
case "forum_messages": include("pages/messages.php"); break;
case "forum_online_users": include("pages/online_users.php"); break;
case "forum_adpanel": include("pages/adpanel.php"); break;
case "view_forum": include("pages/view_forum.php"); break;
case "view_thread": include("pages/view_thread.php"); break;
case "post_thread": include("pages/post_thread.php"); break;
case "post_replie": include("pages/post_replie.php"); break;
case "post_edit": include("pages/post_edit.php"); break;
case "post_delete": include("pages/post_delete.php"); break;
case "post_quote": include("pages/post_quote.php"); break;
case "post_report": include("pages/post_report.php"); break;
case "userinfo": include("pages/userinfo.php"); break;
case "search": include("pages/search.php"); break;
case "read_message": include("pages/read_message.php"); break;
case "send_message": include("pages/send_message.php"); break;
case "reply_message": include("pages/reply_message.php"); break;
case "delete_message": include("pages/delete_message.php"); break;
case "panel": include("pages/panel.php"); break;
case "adpanel_func": include("pages/adpanel_func.php"); break;
case "forum_logout":
unset($_SESSION['usern']);
session_destroy();
session_unset();
$redir = $web['forum_url']."sign_in/";
header("Location: $redir");
break;
default: include("pages/home.php");
}
load_footer();
?>
First you have to debug whats inside the $page variable with:
var_dump($page);
and look whats is the value when you click that link.
NOTE:
I see a brace "`" before the php tag opener, delete it
How can I correct/simplify this and put it in an array?
A link is passing: somelink.php?w=a (or b,c,d)
I want the page (somelink.php) to determine if "w" is set, and if set and the var matches, include the specified page.
<?php
if(isset($_GET['w'])&&($GET['w'] == "a")){include("1.htm");}
if(isset($_GET['w'])&&($GET['w'] == "b")){include("2.htm");}
if(isset($_GET['w'])&&($GET['w'] == "c")){include("3.htm");}
if(isset($_GET['w'])&&($GET['w'] == "d")){include("4.htm");}
else{include("1.htm");}
?>
try using:
$w = $_GET['w'];
if(isset($w)) {
switch(strtolower($w)) {
case "a":
include("1.htm");
break;
case "b":
include("2.htm");
break;
case "c":
include("3.htm");
break;
case "d":
include("4.htm");
break;
default:
include("not-found.htm");
break;
}
}
Use a switch statement:
if(isset($_GET['w']))
{
switch($_GET['w'])
{
case 'a': include("1.html"); break;
case 'b': include("2.html"); break;
case 'c': include("3.html"); break;
case 'd': include("4.html"); break;
default: include("1.html"); break;
}
} else {
include("1.html");
}
how about a simple array
$x=array('a'=>'1.html','b'=>'2.html');
then
include $x[$GET['w']];
Like this:
if(isset($_GET['w'])){
switch($_GET['w']){
case "a":
include("1.htm");
break;
case "b":
include("2.htm");
break;
case "c":
include("3.htm");
break;
case "d":
include("4.htm");
break;
}
}
But I wouldn't do it that way. I'd make it so that the name of the page corresponds to the value being retrieved from the $_GET variable. That way you could do something like this.
if(!empty($_GET['w'])){
include($_GET['w'] . ".htm");
}
Of course, you'd want a little filtering of the $_GET var too to make sure it doesn't get something you don't want there. Maybe like this.
$acceptable_values = array("some","acceptable","values");
if(!empty($_GET['w']) && in_array($_GET['w'],$acceptable_values) ){
include($_GET['w'] . ".htm");
}
As I'm sure you are aware, passing variables directly into include statements or database queries is a TERRIBLE idea. See here for why in this case.
http://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
You could do a few things, lets take a look at some of them.
<?php
$webpage = '';
if(isset($_GET['w']))
$webpage = strtolower($_GET['w']);
switch($webpage)
{
case 'b':
include '2.html';
break;
case 'c':
include '3.html';
break;
case 'd':
include '4.html';
break;
default:
include '1.html';
break;
}
Or we could use arrays
<?php
$webpage = '';
if(isset($_GET['w']))
$webpage = strtolower($_GET['w']);
$included_pages = array(
'a' => '1.htm',
'b' => '2.htm',
'c' => '3.htm',
'd' => '4.htm',
);
// Check inside our array
if(array_key_exists($webpage, $includes))
{
include $included_pages[$webpage];
}
else
{
// Couldn't find the site
include '1.htm';
}